AI-powered “vibe coding” platforms are exposing sensitive corporate and personal information online as inexperienced users rapidly build public-facing applications without proper cybersecurity safeguards.
According to Axios, cybersecurity firm RedAccess discovered roughly 380,000 publicly accessible assets created using platforms including Lovable, Replit, Base44, and Netlify. Researchers said about 5,000 of those apps contained sensitive data.
The report said exposed information included medical records, financial documents, internal company tools, school data, and customer conversations. Some applications were reportedly indexed by search engines, making them easily discoverable online.
Thousands of AI-built apps exposed sensitive corporate and personal data, researchers found https://t.co/jZp6LMt3Vt
— Axios (@axios) May 7, 2026
Security researchers blamed weak default privacy settings and the rapid growth of unauthorized “shadow AI” usage inside companies.
Several firms disputed parts of the findings but acknowledged ongoing investigations. According to the report, some exposed applications were removed after the companies were alerted to the security risks.
Also Read:
TIPP Staff
